- Hackers utiread "copy and paste" to steal millions of dollars in BTC, ETH and DOGE.
- Research shows MyKings operators have stolen at least $ 24 million by manipulating clipboards.
A malware investigation, MyKings, revealed that its operators stole a minimum of $ 24 million in crypto by manipulating a victim's clipboard. Cyber security researchers at software company Avast have linked the act to one of the MyKings botnet's clipboard thieves modules.
MyKings operators have raised at least $ 24 million
As the crypto space attracts legitimate investors and traders, it has also attracted the attention of hackers and other cybercriminals. The analysis of the researchers of'Avast showed that the MyKings botnet transferred more than $ 24 million in crypto from 1,300 new wallet addresses. The amount was transferred into Bitcoin (BTC), Ethereum (ETH) and Dogecoin (DOGE).
According to a report by Jakub Kaloc and Jan Rubin with l Avast Threat Labs team, MyKings malware continuously monitors everything that is copied to a clipboard. a the installed malware could be a victim. MyKings monitors when a user copies a crypto wallet address to their clipboard. Once the MyKings malware detects that a cryptocurrency wallet address is on the clipboard, it replaces the original address with its wallet address. So when the user pastes what he copied, he pastese unknowingly the address of the attacker's crypto wallet. Then the wallet address modified by the malware becomes the recipient of the transaction.
The trick is simple, and many are likely to fall victim to it. Cryptocurrency wallet addresses are generally long and t hey include numbers and alphabets. To avoid errors during transactions, copying and pasting wallet addresses has been a quick and easy way for many people. Considering the complexity of the addresses, we can say that it is unlikely that a user will notice that there has been a change during the copy and paste process.
Avast researchers shed light on the attack:
MyKings has been around since 2016 and has extended its infrastructure to fit for years. Besides the clipboard thief, the MyKings hood has other infrastructures such as bookit, droppers, corner miners and others.
167 fake crypto and trading apps discovered
Amid the rising rate of Cybercrime involving cryptocurrencies, cybersecurity firm Sophos identified 167 crypto app hackers used to steal from crypto holders a few months ago. At the time of identification, Sophos said the apps were available on both iOS and Android. As such, new investors and traders make the mistake of downloading and funding these bogus trading apps.
Find out more: The Identif Cybersecurity Companyie 167 cryptocurrency and trading applications used by attackers
In addition, Sophos researchers have plotted all 167 applications on a single server. This means that the bogus apps belong to the same group.